<?php

namespace Commons;

class Ssl
{
    /**
     * 加密或者解密
     *
     * @param        $string    字符串
     * @param string $operation 类型
     *
     * @return string
     */
    public function code($string, $operation = 'E')
    {
        $ssl_public  = file_get_contents(DATA_PATH . "/conf/cert_public.key");//公钥路径
        $ssl_private = file_get_contents(DATA_PATH . "/conf/cert_private.pem");//密钥路径
        $pi_key      = openssl_pkey_get_private($ssl_private);//这个函数可用来判断私钥是否是可用的，可用返回资源id Resource id
        $pu_key      = openssl_pkey_get_public($ssl_public);//这个函数可用来判断公钥是否是可用的
        if (false == ($pi_key || $pu_key)) {
            return '证书错误';
        }
        $data = "";
        if ($operation == 'D') {
            openssl_private_decrypt(base64_decode($string), $data, $pi_key);//私钥解密
        } else {
            openssl_public_encrypt($string, $data, $pu_key);//公钥加密
            $data = base64_encode($data);
        }
        return $data;
    }

    /**
     * 生成证书
     *
     * @return bool
     */
    public function createOpenSslKeyFile()
    {
        $config = [
            "digest_alg"       => "sha512",
            "private_key_bits" => 4096,                     //字节数    512 1024  2048   4096 等
            "private_key_type" => OPENSSL_KEYTYPE_RSA,     //加密类型
        ];
        $res    = openssl_pkey_new($config);
        if ($res == false) {
            return false;
        }
        openssl_pkey_export($res, $private_key);
        $public_key = openssl_pkey_get_details($res);
        $public_key = $public_key["key"];
        //生成路径
        file_put_contents(dirname(APP_PATH) . '/Private/jwt/' . ENVIRONMENT . '/rsa_public_key.pem', $public_key);
        file_put_contents(dirname(APP_PATH) . '/Private/jwt/' . ENVIRONMENT . '/rsa_private_key.pem', $private_key);
        openssl_free_key($res);
    }
}
